Cyber Security Engineer at coreonyx

Job Overview:

We are seeking a skilled Senior Level Cyber Security Engineer based in Newport News, VA. The ideal candidate will provide leadership in designing, assessing, and implementing security controls across complex systems, ensuring compliance with DoD standards and the confidentiality, integrity, and availability of Army systems. This position is contingent upon contract award.

Key Responsibilities:

Lead the implementation of administrative, physical, and technical security controls across the ATIS portfolio, ensuring compliance with DoD RMF requirements.
Conduct independent security assessments and testing to identify risks, recommend mitigation strategies, and ensure continuous compliance.
Manage the Plan of Action and Milestones (POAM) process, documenting mitigations and overseeing their resolution within defined timelines.
Serve as a technical advisor for RMF controls implementation, collaborating with the Information System Security Manager (ISSM) to maintain eMASS records.
Perform Independent Verification and Validation (IV&V) testing and report on findings, including compliance with RMF and continuous monitoring requirements.
Lead risk assessments for third-party systems, evaluating vulnerabilities and proposing actionable remediation strategies to protect Army systems.
Oversee system security scans and vulnerability assessments, ensuring compliance with Army and DoD cybersecurity policies.
Define and maintain security standards, policies, and procedures, ensuring they are operationally effective and meet Army requirements.
Provide guidance on incident response investigations, identifying opportunities for improvement in incident handling and mitigation efforts.
Collaborate with stakeholders to implement and monitor security safeguards using cutting-edge technologies, such as encryption, remote access, and antivirus systems.

Required Skills:

Deep knowledge of DoD RMF, including security assessment and testing, identity and access management, and security engineering.
Proficiency in eMASS and the ability to manage security documentation and compliance records.
Strong understanding of the 8 domains of information security, including: Security & Risk Management, Security Assessment and Testing, Communications and Network Security, Software Development Security.

Travel up to 20%

Qualifications:

Secret or higher clearance level
U.S. Citizenship
Bachelor’s degree in Cybersecurity, Computer Science, or a related discipline.
6+ Years experience.
IASAE II DoD Approved Baseline Certification (e.g., CISSP, CASP CE, CSSLP).

Desired Qualifications:

Master’s degree or higher in a related field desired.
Certifications:
SAFe Agile Practitioner certification.
AWS Certified Cloud Practitioner (CCP) to demonstrate knowledge of securing cloud environments.
Expertise in cloud security, including designing and implementing controls in AWS environments. Experience presenting complex technical information to senior military leadership.

Life at coreonyx

Forged by passion for service, unflinching integrity, and unwavering commitment to our client's mission, CoreOnyx was created to deliver the value, quality and integrity our clients demand. Comprised of a senior leadership team with more than 100 years of experience across government and industry, we are honored to bring our clients an extensive track record of mission success in creating, implementing and successfully delivering solutions and services across the Federal community. As a Service Disabled Veteran Owned Small Business (SDVOSB), we continue to serve our country in support of our Federal, DoD and IC clients.

Thrive Here & What We Value

Dynamic team

Supporting WCMS for federal clients

Collaborative work environment

Development and deployment processes

Focus on Drupal-based systems

Innovation

Client focus

Agile methodologies

Continuous improvement

Job Functions1. Security Controls Implementation2. Independent Security Assessments and Testing3. Plan of Action and Milestones Management4. Technical Advisor for RMF Controls Implementation5. Independent Verification and Validation (IV&V) Testing

Job Requirements1. Secret or Higher Clearance Level2. U.S. Citizenship3. Bachelor’s Degree in Cybersecurity, Computer Science, or a related discipline.4. 6+ Years of Experience5. IASAE II DoD Approved Baseline Certification (e.g., CISSP, CASP CE, CSSLP)6. Travel up to 20%

Skills1. DoD RMF Knowledge2. eMASS Proficiency3. 8 Domains of Information Security Understanding1. Strong Communication Skills2. Leadership Abilities3. Collaboration with Stakeholders